Security Bulletin: A vulnerability in IBM Spectrum Scale Container Native that could allow an attacker acquiring root privileges on the host (CVE-2022-41736)

Summary A security vulnerability has been identified in IBM Spectrum Scale Container Native that could allow an attacker to acquire root privileges on the host using unshare. A fix for this vulnerability is available. Vulnerability Details CVEID:CVE-2022-41736 DESCRIPTION: IBM Spectrum Scale...

ASB-A-254774758

In OnWakelockReleased of attributionprocessor.cc, there is a use after free that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel 资源管理错误漏洞

Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from reuse after release and may execute native arbitrary code...

Deno improperly handles resizable ArrayBuffer

Impact Resizable ArrayBuffers passed to asynchronous native functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the only version affected is Deno 1.32.0. Deno Deploy users are not...

The next wave of multicloud security with Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP)

With digital transformation in the face of macroeconomic pressures, strategies to optimize both cloud environments and cloud security are increasingly appealing to enterprises. Organizations worry about vulnerabilities in code getting deployed, critical misconfigurations, overprivileged access to...

The next wave of multicloud security with Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP)

With digital transformation in the face of macroeconomic pressures, strategies to optimize both cloud environments and cloud security are increasingly appealing to enterprises. Organizations worry about vulnerabilities in code getting deployed, critical misconfigurations, overprivileged access to...

This Week in Spring - March 21st, 2023

Hi, Spring fans! Welcome to another rip roaring installment of This Week in Spring! It's March 21st and today they announced Java 20! It's an exciting time to be a Java developer. Java 20, of course, is just another amazing installment before Java 21, which comes out in six short months, includin...

Fedora: Security Advisory for pack (FEDORA-2023-2df9d60e4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for pack (FEDORA-2023-0c354a3f9a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: pack-0.29.0~rc1-1.fc36

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

[SECURITY] Fedora 37 Update: pack-0.29.0~rc1-1.fc37

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

Kotlin DSLs in the world of Springdom

Kotlin is a beautiful language that makes it trivial to take old Java libraries and make them much more concise, just by virtue of the Kotlin syntax itself. It shines, however, when you write DSLs. Here's some inside baseball for you: the Spring teams do their level-headed best to be cohesive, to...

Shift left with Wiz Guardrails: New Wiz Admission Controller capabilities enable security policy checks at deployment time

Wiz CLI and Wiz Admission Controller enable developers to leverage a single security policy throughout the software pipeline for cloud-native environments...

Gain flexibility and scale with a cloud-native DLP solution

We’re living in a seismic era for data security. Chief information security officers CISOs have to contend with a digital landscape that seems to shift daily as more organizations move to remote and hybrid work, redrawing the boundaries for how data is used and shared. The cloud has enabled...

Gain flexibility and scale with a cloud-native DLP solution

We’re living in a seismic era for data security. Chief information security officers CISOs have to contend with a digital landscape that seems to shift daily as more organizations move to remote and hybrid work, redrawing the boundaries for how data is used and shared. The cloud has enabled...

[SECURITY] Fedora 38 Update: pack-0.29.0~rc1-1.fc38

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

Fedora: Security Advisory for pack (FEDORA-2023-5eca6a8326)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian: Security Advisory (DLA-92-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rainbond has a logic flaw vulnerability (CNVD-2023-29035)

Rainbond is a cloud-native application management platform. Rainbond suffers from a logic flaw vulnerability that can be exploited by attackers to obtain sensitive information...

Rainbond has a logic flaw vulnerability (CNVD-2023-29097)

Rainbond is a cloud-native application management platform. Rainbond suffers from a logic flaw vulnerability that can be exploited by an attacker to reset arbitrary user passwords...